Bukkit Forums

A new CraftBukkit for Minecraft 1.7.9 DEVELOPMENT build is now available!

As of this post, we've shifted development over to Minecraft 1.7.9 compatibility and now have development builds available. We strongly suggest that you only use this build if you would like to help us get a Beta build out sooner and are experienced with using unsupported development builds.

Minecraft 1.7.6+ contains important changes to enable support for the upcoming switch to UUIDs and name changing. We strongly recommend you read our previous article on the switch to UUIDs to help you understand what it means for servers and how to prepare for Mojang allowing name changes by Minecraft 1.8.

WARNING: Minecraft 1.7.9 is an update that requires clients to update before being able to connect. This means that players will not be able to connect to your server if they have not updated to at...

A new CraftBukkit for Minecraft 1.7.8 DEVELOPMENT build is now available!

As of this post, we've shifted development over to Minecraft 1.7.8 compatibility and now have development builds available. We strongly suggest that you only use this build if you would like to help us get a Beta build out sooner and are experienced with using unsupported development builds.

Minecraft 1.7.8 contains important changes to enable support for the upcoming switch to UUIDs and name changing. We strongly recommend you read our previous article on the switch to UUIDs to help you understand what it means for servers and how to prepare for Mojang allowing name changes by Minecraft 1.8.

WARNING: Minecraft 1.7.8 is an update that requires clients to update before being able to connect. This means that players will not be able to connect to your server if they have not updated to at...

Three days ago (April 8th, 2014) word broke of a critical vulnerability (code named "Heartbleed") within the popular cryptographic software, OpenSSL, that allows an attacker to read the memory of the host system. Roughly two thirds of the internet relies on OpenSSL to keep sensitive data secret and private, leaving many sites and services (including those provided by Bukkit) potentially open to data leakage.

How did Bukkit respond?
CloudFlare, a service we depend on for Content Distribution among other things for many of our sites, patched the hole before it became public knowledge and we patched the rest of our systems shortly after (although it did take slightly longer due to complications we experienced with some of them). Despite our relatively quick response to this issue, this security hole has existed in OpenSSL since December 31, 2011 (though it was only made known recently) so the impact of this vulnerability is unknown.

At the beginning of the year Mojang started dropping hints of their plan to switch from a name based accounts system to a universally unique identifier (UUID) based accounts system, ultimately moving towards allowing people to change their Minecraft name. With much of Minecraft currently relying on a name based accounts system (bans, whitelist, ops to name a few) along with plugins using names to keep track of players (permissions, ownership, protections), this change has a high potential to break both plugins and servers if server admins and developers are not prepared for it. At the time of writing, Mojang have said they're planning to enable name changing around the time Minecraft 1.8 is released and with Minecraft 1.8 slated to release in May, the window for preparations is quickly closing.

What is a UUID?
A Universally Unique IDentifier is a fairly long series of hexadecimal numbers commonly used in software to uniquely identify something. With...